Privacy policy

1. General

(1) The operator of the BQ portal, the German Economic Institute (IW), takes the protection of your personal data very seriously. All data collected will be used solely in the operation of the BQ portal. This data will not be sold.

The following declaration is intended to provide an overview of how we guarantee to safeguard all data, and of what kind of data we collect and for what purpose. In this context, please also note our current Terms and Conditions of Use.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

(2) Responsibility for the processing of personal data based on Art. 4 (7) GDPR lies with 

Institut der deutschen Wirtschaft Köln e.V.  (German Economic Institute)
Postal address: 10 19 42 / 50459 Köln 
Visitors address: Konrad-Adenauer-Ufer 21 / 50668 Köln 
Phone: +49 221 4981-0 
Email: projektbuero@bq-portal.de   

(3) Data protection officer

We have appointed a data protection officer for our company. You can reach our data protection officer Dipl. WJur Sebastian Feik at:

legitimis GmbH 
Herr Sebastian Feik 
Ball 1 
51429 Bergisch Gladbach 
datenschutz-iwkoeln@legitimis.com 
or at our postal address with the addition „der Datenschutzbeauftragte“ 

When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, possibly your name and telephone number) will be stored by us in order to answer your questions. We delete the data arising in this context after storage is no longer required, or restrict processing if there are statutory retention obligations.

2. Registering for the portal

(1) In order to make full use of the BQ portal and to access all of the information published, users must register and log in. Non-registered users only have access to the information that is publicly available.

(2) The operator of the BQ portal accepts no responsibility for the loss of the password and for any loss or damage incurred by the user as a result of this. The user must ensure that he or she uses a password that is as secure as possible and keeps this secret from third parties, including BQ portal staff.

3. Collection of personal data when you visit our website

(1) We collect information when you access and use our website and when you register or log in.
If you use this website for purely informational purposes, i.e. you do not register or provide us with information in any other way, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to display our website to you, to guarantee its stability and ensure it remains secure (based on Art. 6 (1) sentence 1 (f) GDPR):

- IP address

- Date and time of the request

- Time-zone difference to Greenwich Mean Time (GMT)

- Content of the request (specific page)

- Access status/HTTP status code

- Amount of data transferred in each case

- Website from which the request originates

- Browser

- Operating system and interface

- Language and version of the browser software

(2) The data collected electronically and in writing during the registration process will be stored by the operator of the BQ-Portal and used only for the contractually agreed purposes (including identifying the user during the registration process, checking the user’s affiliation to a competent authority and their role there). All data collected by the operators of the BQ portal will be stored either electronically or in written form.

(3) The operator of the BQ-Portal informs registered users about news and portal-changes by sending out e-mails to the users’ addresses (Infomail). Users have the right to cancel consent at any time by  e-mail or in writing.

Additionally, Name and Title are required for receiving the Infomail in order to address the registered users personally. This is based on Art. 6 (1) sentence 1 (a) GDPR.

We would like to point out that we evaluate your user behaviour when sending the newsletter. In order to conduct this evaluation, the emails sent contain web beacons or tracking pixels, which are one-pixel image files stored on our website. The evaluations involve linking the data mentioned in Section 3 and the web beacons with your email address and an individual ID. The data is exclusively collected using a pseudonym, so the IDs are not linked to your other personal data, making it impossible for them to be related back to a specific individual.

To send out the newsletter and collect tracking data, we use services provided by CleverReach. You can find further information on the third party provider’s data protection at CleverReach Privacy Policy.

4.  Data security

We maintain up-to-date technical measures to ensure data security, especially to protect your personal data from risks during data transmission and from access to the information by third parties. Each of these measures is suitably updated to the current state of technology.

5. SSL or TLS encryption 

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. 

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

6. Right of access and corrections

The user has the right to check all data related to his or her person that is stored with the operator, and to correct it if it is outdated or not correct. The user can contact the project office for this purpose (projektbuero@bq-portal.de).

7. Disclosure of data to third parties

(1) Personal data will only be made available to third parties if the operator uses this data to operate the BQ portal. This applies, for example, to the service provider that hosts the BQ portal and the data generated via the portal. The third parties entrusted with this type of service are obliged by the operator of the BQ portal to comply with the statutory provisions (e.g. Federal Data Protection Act, GDPR). They have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored. Insofar as the operator is obliged to do so by law or by court order, the data will be transmitted to authorities entitled to receive information. 

Apart from this, no data will be transferred to third parties without the expressed consent of the respective user.

(2) An exception to this is the portal’s editor search function for registered users for the purposes of establishing contact within the password-protected area. The “user name”, “chamber affiliation”, “country expertise”, “language expertise” and “professional expertise” fields (where these have been completed) can be found by other registered users via the search function. If a user explicitly agrees that all of the data provided by him or her can be found, then this is completely visible to other registered users.

The operator of the portal points out that information disclosed in the forum area, for example, can also be viewed by other users. Users are obliged to exercise the appropriate care when publishing content.

8. Filing an objection/revoking consent to the processing your data

(1) If you have given your consent to the processing of your data, you can revoke it at any time. Once you have revoked your consent, the permissibility of your personal data being processed is altered.

(2) Insofar as we base the processing of your personal data on a weighing up of interests, you may file an objection to us carrying out this processing. This is the case if the processing of this data is, in particular, not necessary in order to fulfill a contract with you, which is indicated by us in each case. In the event that you wish to file an objection, we ask you to explain the reasons why we should cease to process your personal data. If you then file an objection in which you state the relevant reasons, we will examine the facts and either discontinue or adapt the processing or will set out compelling reasons as to why we will continue to process the data concerned.

(3) You may, of course, object to the processing of your personal data for data analysis at any time. You can inform us of your objection using the following contact details: projektbuero@bq-portal.de  

9. Cookies

(1) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files stored on your hard drive which are assigned to the browser you are using and through which certain information flows to the location that has set the cookie (in this case, to us). Cookies cannot launch and operate programs or transmit viruses to your computer. They serve to make internet services more user-friendly and efficient.

Use of cookies:

a) This website uses the following types of cookies, the scope and functionality of which are explained below:

- Transient cookies (see b)

- Persistent cookies (see c).

b) Transient cookies are automatically deleted when you close your browser. This particularly includes session cookies. These store a ‘session ID’, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognised again when you return to our website. Session cookies are deleted when you log out or close your browser.

c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies via the security settings for your browser at any time.

d) You can configure your browser settings according to your wishes and, for example, refuse to accept all third-party cookies or all cookies in general. We draw your attention to the fact that depending on which settings you select, you may not be able to use all the functions of this website.

e) We use cookies to identify you for subsequent visits if you have a registered account with us. Otherwise, you will have to log-in each time you visit.

f) The Flash cookies used are not recorded by your browser, but by your Flash plug-in. We also use HTML5 storage objects that are stored on your device. These objects store the required data regardless of the browser you are using, and do not have a date on which they automatically expire. If you do not want the Flash cookies to be processed, you must install an appropriate add-on, such as Better Privacy for Mozilla Firefox (https://addons.mozilla.org/de/firefox/) or the Adobe Flash Killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using your browser in private mode. We also recommend that you delete your cookies and browser history manually on a regular basis.

10. Use of Matomo (formerly known as Piwik)

 (1) This website uses Matomo web analysis services to analyse and regularly improve the use of our website. The statistics obtained will enable us to improve our services and make them more useful and attractive to you as a user. The use of Matomo is based on Art. 6 sentence 1 (f) GDPR.

(2) In order to undertake this evaluation, cookies (more details in Section 3) are stored on your computer. The party responsible stores the information collected in this way on its server in [Germany] only. You can influence the evaluation by deleting existing cookies and preventing cookies from being stored. If you prevent cookies from being stored, we point out that you may not be able to use this website in its entirety. You can prevent cookies from being stored via your browser settings. You can prevent Matomo from being used by removing the following tick and activating the opt-out plug-in:

3) This website uses Matomo along with the extension AnonymizeIP. This means that IP addresses are further processed in a shortened form and, in turn, that personal data cannot be related back to a specific individual. The IP address transmitted by your browser via Matomo is not merged with any other data we collect.

(4) Matomo is an open source programme. You can find information on data protection undertaken by the third party provider at https://matomo.org/privacy-policy/

11. Embedding of YouTube videos

(1) We have embedded YouTube videos on our website which are stored at www.YouTube.com and can be played directly from our website. These are all embedded in the extended data protection mode, i.e. no data about you as a user will be transferred to YouTube if you do not play the videos. The data referred to in paragraph 2 are transmitted only if you play the videos. We have no influence on the transmission of this data.

(2) If you visit the website, YouTube receives the information that you have accessed the corresponding page of our website. In addition, the data mentioned under Section 3 of this declaration will also be transmitted. This occurs regardless of whether you have a YouTube user account that you are logged in to, or whether you do not have such an account. When you are logged in to Google, your information will be directly associated with your account. If you do not wish your profile to be associated with YouTube, you must log out before activating the button. YouTube stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or needs-based website design. This data (including that of users who are not logged in) is evaluated in particular in order to develop targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles and can exercise this right by contacting YouTube.

(3) Further information on the scope of data collection and processing undertaken by YouTube and on the purposes for which it is used can be found in its data protection statement. This also contains further information on your rights and on the different privacy protection settings that are available: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework

12. Contact via E-Mail

You can contact us via the e-mail address provided on our website. In this case, the personal data transmitted with your e-mail will be stored. The data will not be passed on to third parties in this context. The data is used exclusively for processing the conversation.

The legal basis for the processing of the data transmitted in the course of sending an email is primarily Art. 6 sentence 1 (a) GDPR, your personal consent. If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 sentence 1 (b) GDPR. The necessary interest lies in processing the contact.

The data will be deleted if it is no longer required to achieve the purpose for which it was collected, i.e. when the conversation with you as a user has ended or the matter in question has been conclusively clarified.

You have the option to withdraw your consent to the processing of personal data at any time (see "Filing an objection/revoking consent to the processing your data" above).

13. Deletion of personal data

The data collected during registration will be set to inactive following a cancellation but will not be deleted from the system. This ensures that no one is able to access the profile of a user who has de-registered, and that the document histories of texts and entries to which the user has contributed remain intact.

The registration or newsletter receipt can be suspended by the user.

The data will be saved if a statutory or contractual storage period applies.

14. Your rights

(1) You have the following rights with regard to the personal data concerning your person:

- Right of access, 
- Right to rectification or erasure,  
- Right to restriction of processing,  
- Right to object to processing,  
- Right to data portability.

(2) Pursuant to Art. 77 GDPR, you also have the right to appeal to the data protection supervisory authority: the Federal Commissioner for Data Protection and Freedom of Information.

(3) Please send all requests for information, requests for access or objections to data processing by e-mail to: projektbuero@bq-portal.de

15. Alteration of the privacy policy (reservation of the right to make changes)

These privacy policy may be altered at any time in compliance with the applicable data protection regulations. The version valid at the time of your visit shall apply.